The function was misdeclared, allowing a simple SQL
command to crash the server. In principle an attacker might
be able to use it to examine the contents of server memory.
Our thanks to Sumit Soni (via Secunia SVCRP) for reporting
this issue. (CVE-2013-0255)

Fix SQL grammar to allow subscripting or field selection
from a sub-SELECT result (Tom Lane)